package security.controller;

import com.fasterxml.jackson.core.JsonProcessingException;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import security.domain.User;
import security.service.UserService;
import security.service.impl.LoginUser;
import security.utils.Result;

@RequestMapping("/user")
@Controller
public class UserController {
    @Autowired
    private UserService userService;
    @PostMapping("/login")
    @ResponseBody
    public Result login(User user){
        try {
            String msg = userService.login(user);
            return Result.builder()
                    .code(200)
                    .msg(msg)
                    .build();
        } catch (JsonProcessingException e) {
            throw new RuntimeException(e);
        }
    }

    @GetMapping("/logout")
    @ApiOperation("注销登录")
    @ResponseBody
    @PreAuthorize("hasAuthority('sys:book:delete1')")
//    @PreAuthorize("@permission.hasPermission('sys:book:delete')")
    public Result logout(){
        userService.logout();
        return Result.builder()
                .code(200)
                .msg("注销成功")
                .build();
    }
}
